In the field of computer security, one enduring problem is to create a system that allows an owner of information to electronically distribute the information throughout the world while regulating use of that information on remote hardware over which the information owner has no control. For example, information may be delivered to an end user in encrypted form with the ultimate goal that it be viewed (but not copied or otherwise misused) by the end user. The information requires a key in order to be decrypted, but it may not be desirable to give the end user unfettered access to the key because the user could then copy the decrypted information and disseminate it at will.
One solution is not to provide the key directly, but to provide the key to the end user in the form of software that applies the key (or that performs some other sensitive function to be hidden from the user). Such software may contain various types of protection designed to complicate or resist attempts to analyze or misuse the software or the secrets that the software is designed to protect. However, the drawback to this solution is that attempts to create “secure” software incorporating such resistance have so far proven ineffective, as such software has invariably been misused, ported to unauthorized installations, or broken in one way or another. A further drawback is that if technology advances to permit greater protection to be built into the software, it is not always possible to “renew” the security technology by replacing an old unit of “secure” software with a new one.
In view of the foregoing, there is a need for a system that overcomes the limitations and drawbacks of the prior art.